U.S. patent application number 13/954680 was filed with the patent office on 2014-01-30 for system and method for advanced control tools for administrators in a cloud-based service.
Invention is credited to Matthew Taro Duvall, Timothy Heilig, Andy Kiang, Philip Sheffield, Elena Andreevna Tatarchenko, Kevin Tu, Alexander Vaughn, Natalia Vinnik.
Application Number | 20140033324 13/954680 |
Document ID | / |
Family ID | 49996357 |
Filed Date | 2014-01-30 |
United States Patent
Application |
20140033324 |
Kind Code |
A1 |
Kiang; Andy ; et
al. |
January 30, 2014 |
SYSTEM AND METHOD FOR ADVANCED CONTROL TOOLS FOR ADMINISTRATORS IN
A CLOUD-BASED SERVICE
Abstract
A cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service) is described that provides advanced
control tools for administrators of an enterprise account. The
advanced control tools permit the administrator to set mobile
security settings for mobile devices running applications that
allow a user to access enterprise data in the cloud-based platform;
activity notification archiving; support for multiple email
domains; automation processes; and policies. The settings selected
by the administrator are applied enterprise-wide within the
cloud-based platform.
Inventors: |
Kiang; Andy; (Mountain View,
CA) ; Tu; Kevin; (San Francisco, CA) ;
Sheffield; Philip; (San Francisco, CA) ; Vaughn;
Alexander; (San Jose, CA) ; Heilig; Timothy;
(Millbrae, CA) ; Tatarchenko; Elena Andreevna;
(Mountain View, CA) ; Duvall; Matthew Taro; (San
Francisco, CA) ; Vinnik; Natalia; (Mountain View,
CA) |
Family ID: |
49996357 |
Appl. No.: |
13/954680 |
Filed: |
July 30, 2013 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
61677249 |
Jul 30, 2012 |
|
|
|
61706546 |
Sep 27, 2012 |
|
|
|
61708926 |
Oct 2, 2012 |
|
|
|
Current U.S.
Class: |
726/27 |
Current CPC
Class: |
H04L 67/2861 20130101;
H04L 67/04 20130101; H04L 67/22 20130101; H04L 63/10 20130101 |
Class at
Publication: |
726/27 |
International
Class: |
H04L 29/06 20060101
H04L029/06 |
Claims
1. A method of setting mobile security settings for mobile devices
used to access data provided by users in a cloud collaboration
environment, the method comprising: receiving by a server from an
administrator of an enterprise account of the cloud collaboration
environment an indication whether data is permitted to be
downloaded from the cloud collaboration environment to a mobile
device of a user associated with the enterprise account;
transmitting by the server the indication to a mobile device
application running on a given mobile device, wherein the mobile
device application prevents the user of the given mobile device
from downloading data from the enterprise account in the cloud
collaboration environment to the mobile device if indicated by the
administrator.
2. The method of claim 1, further comprising: receiving by the
server from the administrator a duration of inactivity on the
mobile device after which a passcode lock is required to be entered
by a user to access data from the enterprise account in the cloud
collaboration environment via the mobile device application;
transmitting by the server to the mobile device application the
duration, wherein the mobile device application enforces the
requirement for entry of the passcode lock after the duration of
inactivity has occurred.
3. The method of claim 1, wherein the transmission of the
indication occurs in response to a request from the mobile device
application.
4. The method of claim 3, wherein the request is made by the mobile
device application after the user logs in to the mobile device
application.
5. A system of a cloud-based collaboration environment which
provides enhanced configurable mobile security settings, the system
comprising: a processor; a memory having stored thereon
instructions which, when executed by the processor, causes the
system to: receive from an administrator of an enterprise account
on a cloud collaboration environment an indication regarding
whether data is permitted to be downloaded from the cloud
collaboration environment to a mobile device of a user associated
with the enterprise account; transmit the indication to a mobile
device application running on a given mobile device, wherein the
mobile device application prevents the user of the given mobile
device from downloading data from the enterprise account in the
cloud collaboration environment to the mobile device if indicated
by the administrator.
6. The system of claim 5, wherein the system is further caused to
receive from the administrator a duration of inactivity on the
mobile device after which a passcode lock is required to be entered
by a user to access data from the enterprise account in the cloud
collaboration environment via the mobile device application;
transmit to the mobile device application the duration, wherein the
mobile device application enforces the requirement for entry of the
passcode lock after the duration of inactivity has occurred.
7. The system of claim 5, wherein transmission of the indication
occurs in response to a request from the mobile device application,
and further wherein the request is made by the mobile device
application after the user logs in to the mobile device
application.
8. A method for ensuring compliance in a cloud collaboration
environment, the method, comprising: receiving by a server from an
administrator of an enterprise account of a cloud collaboration
environment a location to which compliance emails should be
transmitted; upon detecting by the server a communication from a
first user associated with the enterprise account to at least a
second user within the cloud collaboration environment, sending a
compliance email with the communication to the location.
9. The method of claim 8, wherein a header of the email includes a
first identity of the first user and a second identity of the at
least the second user.
10. The method of claim 8, further comprising: receiving by the
server from the administrator one or more activities for which
communications are to be archived, wherein the compliance email is
sent by the server when the communication is related to the one or
more activities within the cloud collaboration environment.
11. The method of claim 10, wherein the activities to be archived
are selected from: comments, discussions, assigning tasks, and
invitations.
12. The method of claim 8, wherein the location is an email address
of the first user.
13. A machine-readable storage medium having stored thereon
instructions which, when executed by a processor, causes the
processor to: receive from an administrator of an enterprise
account of a cloud collaboration environment a location to which
compliance emails should be transmitted; upon detection of a
communication from a first user associated with the enterprise
account to at least a second user within the cloud collaboration
environment, send a compliance email with the communication to the
location.
14. The machine-readable storage medium of claim 13, wherein the
processor is further caused to: receive from the administrator one
or more activities for which communications are to be archived,
wherein the compliance email is sent by the server when the
communication is related to the one or more activities within the
cloud collaboration environment.
15. The method of claim 14, wherein the activities to be archived
are selected from: comments, discussions, assigning tasks, and
invitations.
16. The method of claim 13, wherein the location is an email
address of the first user.
17. A method comprising receiving by a server from an administrator
of an enterprise account of a cloud collaboration environment
multiple email domains of users to be permitted to access links to
data hosted on the cloud collaboration environment within the
enterprise account; permitting by the server users having an email
address with one of the multiple email domains to access links to
data within the cloud collaboration environment, and denying access
to users not having an email address with one of the multiple email
domains.
18. The method of claim 17, further comprising: permitting by the
server a collaborator to access links to data within the within the
cloud collaboration environment regardless of whether the
collaborator has an email address with one of the multiple email
domains.
19. The method of claim 17, further comprising: receiving by the
server privileges granted to link viewers; enforcing by the server
the privileges for the link viewers.
20. The method of claim 17, further comprising: subsequently
receiving by the server from the administrator a first notification
that all users can access links to data hosted on the cloud
collaboration environment within the enterprise account; permitting
by the server all users to access links.
21. The method of claim 17, further comprising: subsequently
receiving by the server from the administrator a second
notification that only collaborators of a folder within the cloud
collaboration environment can access links to data in the folder;
permitting by the server only collaborators of the folder within
the cloud collaboration environment to access links to data in the
folder.
22. A system comprising: a processor; a memory having stored
thereon instructions which, when executed by the processor, causes
the system to: receive from an administrator of an enterprise
account of a cloud collaboration environment multiple email domains
to be permitted to access links to data hosted on the cloud
collaboration environment within the enterprise account; permit
users having an email address with one of the multiple email
domains to access links to data within the cloud collaboration
environment, and denying access to users not having an email
address with one of the multiple email domains.
23. The system of claim 22, wherein the system is further caused
to: permit a collaborator to access links to data within the cloud
collaboration environment regardless of whether the collaborator
has an email address with one of the multiple email domains.
24. The system of claim 22, wherein the system is further caused
to: receive privileges granted to link viewers; enforce the
privileges for the link viewers.
25. A method comprising: receiving by a server from an
administrator of an enterprise account of a cloud collaboration
environment a condition, wherein the condition is an action
performed by a user associated with the enterprise account within
the cloud collaboration environment; receiving by the server from
the administrator an action to be performed when the condition has
occurred; monitoring by the server the condition within the
enterprise account of the cloud collaboration environment;
performing by the server the action when the condition has been
met.
26. The method of claim 25, wherein the condition is when an object
is uploaded to the cloud collaboration environment and the object
contains a social security number, a credit card number, custom
words, or custom numbers.
27. The method of claim 26, wherein the action is selected from:
moving the object to quarantine, tracking the uploaded object for
reporting, and sending a notification to a specified email
address.
28. The method of claim 25, wherein the condition is when at least
a minimum number of objects are downloaded from the cloud
collaboration environment within a specified time period.
29. The method of claim 28, wherein the action is selected from:
tracking the downloaded objects for reporting, and sending a
notification to a specified email address.
30. The method of claim 25, wherein the condition is when an object
is shared with a user with a specified email domain.
31. The method of claim 30, wherein the action is selected from:
moving the object to quarantine, tracking the shared object for
reporting, and sending a notification to a specified email
address.
32. A system comprising: means for receiving from an administrator
of an enterprise account of a cloud collaboration environment a
condition, wherein the condition is an action performed by a user
associated with the enterprise account within the cloud
collaboration environment; means for receiving from the
administrator an action to be performed when the condition has
occurred; means for monitoring the condition within the enterprise
account of the cloud collaboration environment; means for
performing the action when the condition has been met.
33. The method of claim 32, wherein the condition is when an object
is uploaded to the cloud collaboration environment and the object
contains a social security number, a credit card number, custom
words, or custom numbers, and further wherein the action is
selected from: moving the object to quarantine, tracking the
uploaded object for reporting, and sending a notification to a
specified email address.
34. The method of claim 32, wherein the condition is when at least
a minimum number of objects are downloaded from the cloud
collaboration environment with a specified time period, and further
wherein the action is selected from: tracking the downloaded
objects for reporting, and sending a notification to a specified
email address.
35. The method of claim 25, wherein the condition is when an object
is shared with a user at a specified email domain, and further
wherein the action is selected from: moving the object to
quarantine, tracking the shared object for reporting, and sending a
notification to a specified email address.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application claims the benefit of U.S. Provisional
Patent Application No. 61/708,926 entitled, "ADVANCED CONTROL TOOLS
AND ENTERPRISE-WIDE SEARCH FOR ADMINISTRATORS IN AN ENTERPRISE,"
(Attorney Docket No. 61599-8041.US02), which was filed Oct. 2,
2012; U.S. Provisional Patent Application No. 61/677,249 entitled
"ADVANCED SEARCH AND FILTERING MECHANISMS FOR ENTERPRISE
ADMINISTRATORS IN A CLOUD-BASED ENVIRONMENT," (Attorney Docket No.
61599-8041.US00), which was filed on Jul. 30, 2012; and U.S.
Provisional Patent Application No. 61/706,546 entitled "ADVANCED
SEARCH AND FILTERING MECHANISMS FOR ENTERPRISE ADMINISTRATORS IN A
CLOUD-BASED ENVIRONMENT," (Attorney Docket No. 61599-8041.US01),
which was filed on Sep. 27, 2012, the contents of which are
incorporated by reference in their entireties herein.
BACKGROUND
[0002] Security continues to be a major area of concern as more and
more enterprises adopt cloud-based solutions for content
management. When corporate content that is potentially stored in
the cloud is accessed by many corporate users, there is typically
an administrator that oversees and monitors the use of the cloud.
Among other functions, the administrator may be responsible for
ensuring the security of the corporate data stored in the cloud,
particularly with the increased access of cloud content via mobile
devices.
BRIEF DESCRIPTION OF THE DRAWINGS
[0003] Examples of a cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service) that provides
advanced control tools to an administrator of an enterprise account
are illustrated in the figures. The examples and figures are
illustrative rather than limiting.
[0004] FIG. 1 illustrates an example diagram of a system where a
host server provides advanced control tools to an administrator of
an enterprise account in a cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0005] FIG. 2 depicts an example diagram of a web-based or
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service) deployed in an enterprise or other
organizational setting for organizing work items and
workspaces.
[0006] FIG. 3 depicts a block diagram illustrating an example of
components in the content manager of a cloud-based platform (e.g.,
cloud-based collaboration and/or storage platform/service).
[0007] FIGS. 4A-4B depict screenshots showing examples of a user
interface for selecting security settings for mobile devices
accessing the enterprise's content in the cloud-based platform
(e.g., cloud-based collaboration and/or storage
platform/service).
[0008] FIGS. 5A-5B depict screenshots showing examples of a user
interface for selecting compliance email archive settings for an
enterprise account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0009] FIG. 6 depicts a screenshot showing an example of a user
interface for selecting email domain support settings for an
enterprise account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0010] FIG. 7 depicts a screenshot showing an example of a user
interface for selecting automation settings for an enterprise
account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0011] FIG. 8 depicts a screenshot showing an example of a user
interface for selecting policy settings for downloading information
from an enterprise account in the cloud-based platform (e.g.,
cloud-based collaboration and/or storage platform/service).
[0012] FIG. 9 depicts a screenshot showing an example of a user
interface for selecting policy settings for uploading information
to an enterprise account in the cloud-based platform (e.g.,
cloud-based collaboration and/or storage
platform/service).selecting details of a policy to be applied to an
enterprise account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0013] FIG. 10A depicts a screenshot showing an example of a user
interface for selecting policy settings for sharing information in
an enterprise account in the cloud-based platform (e.g.,
cloud-based collaboration and/or storage platform/service).
[0014] FIG. 10B depicts a screenshot showing an example of a user
interface providing statistics about a previously defined policy in
an enterprise account in the cloud-based platform (e.g.,
cloud-based collaboration and/or storage platform/service).
[0015] FIG. 11 depicts a flow chart illustrating an example process
for selecting security settings for mobile devices accessing the
enterprise's content in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0016] FIG. 12 depicts a flow chart illustrating an example
communications process between a mobile device and the host server
for the cloud-based platform (e.g., cloud-based collaboration
and/or storage platform/service)
[0017] FIG. 13 depicts a flow chart illustrating an example process
for selecting compliance email archive settings for an enterprise
account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0018] FIG. 14 depicts a flow chart illustrating an example process
for selecting email domain support settings for an enterprise
account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0019] FIG. 15 depicts a flow chart illustrating an example process
for selecting automation settings for an enterprise account in the
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service).
[0020] FIG. 16 depicts a flow chart illustrating an example process
for selecting policy settings for an enterprise account in the
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service).
[0021] FIG. 17 shows a diagrammatic representation of a machine in
the example form of a computer system within which a set of
instructions, for causing the machine to perform any one or more of
the methodologies discussed herein, may be executed.
DETAILED DESCRIPTION
[0022] A cloud-based platform (e.g., cloud-based collaboration
and/or storage platform/service) is described that provides
advanced control tools for administrators of an enterprise account.
The advanced control tools permit the administrator to set mobile
security settings for mobile devices running applications that
allow a user to access enterprise data in the cloud-based platform;
activity notification archiving; support for multiple email
domains; automation processes; and policies. The settings selected
by the administrator are applied enterprise-wide within the
cloud-based platform.
[0023] Various aspects and examples of the invention will now be
described. The following description provides specific details for
a thorough understanding and enabling description of these
examples. One skilled in the art will understand, however, that the
invention may be practiced without many of these details.
Additionally, some well-known structures or functions may not be
shown or described in detail, so as to avoid unnecessarily
obscuring the relevant description.
[0024] The terminology used in the description presented below is
intended to be interpreted in its broadest reasonable manner, even
though it is being used in conjunction with a detailed description
of certain specific examples of the technology. Certain terms may
even be emphasized below; however, any terminology intended to be
interpreted in any restricted manner will be overtly and
specifically defined as such in this Detailed Description
section.
[0025] FIG. 1 illustrates a diagram of an example system that has a
host server 100 with a content manager 111 that provides advanced
control tools to an administrator to select settings that apply
across an enterprise or organization using a cloud-based platform
(e.g., cloud-based collaboration and/or storage platform/service).
The content manager 111 enables the administrator to select mobile
security settings that apply to mobile devices accessing data in
the cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service), to customize automated actions performed
across the enterprise, and to customize policies for data uploaded
to, downloaded from, and shared within the cloud-based platform for
the enterprise account.
[0026] The client devices 102 can be any system and/or device,
and/or any combination of devices/systems that is able to establish
a connection, including wired, wireless, cellular connections with
another device, a server and/or other systems such as host server
100 via, for example, a web application. Client devices 102 will
typically include a display and/or other output functionalities to
present information and data exchanged between or among the devices
102 and/or the host server 100.
[0027] For example, the client devices 102 can include mobile, hand
held or portable devices or non-portable devices and can be any of,
but not limited to, a server desktop, a desktop computer, a
computer cluster, or portable devices including, a notebook, a
laptop computer, a handheld computer, a palmtop computer, a mobile
phone, a cell phone, a smart phone (e.g., a BlackBerry device such
as BlackBerry Z10/Q10, an iPhone, Nexus 4, etc.), a Treo, a
handheld tablet (e.g. an iPad, iPad Mini, a Galaxy Note, Galaxy
Note II, Xoom Tablet, Microsoft Surface, Blackberry PlayBook, Nexus
7, 10 etc.), a phablet (e.g., HTC Droid DNA, etc.), a tablet PC, a
thin-client, a hand held console, a hand held gaming device or
console (e.g., XBOX live, Nintendo DS, Sony PlayStation Portable,
etc.), iOS powered watch, Google Glass, a Chromebook and/or any
other portable, mobile, hand held devices, etc. running on any
platform or any operating system (e.g., Mac-based OS (OS X, iOS,
etc.), Windows-based OS (Windows Mobile, Windows 7, Windows 8,
etc.), Android, Blackberry OS, Embedded Linux platforms, Palm OS,
Symbian platform, Google Chrome OS, and the like. In one
embodiment, the client devices 102, and host server 100 are coupled
via a network 106. In some embodiments, the devices 102 and host
server 100 may be directly connected to one another.
[0028] The input mechanism on client devices 102 can include touch
screen keypad (including single touch, multi-touch, gesture sensing
in 2D or 3D, etc.), a physical keypad, a mouse, a pointer, a track
pad, motion detector (e.g., including 1-axis, 2-axis, 3-axis
accelerometer, etc.), a light sensor, capacitance sensor,
resistance sensor, temperature sensor, proximity sensor, a
piezoelectric device, device orientation detector (e.g., electronic
compass, tilt sensor, rotation sensor, gyroscope, accelerometer),
or a combination of the above.
[0029] Signals received or detected indicating user activity at
client devices 102 through one or more of the above input
mechanism, or others, can be used in the disclosed technology by
various users or collaborators (e.g., collaborators 108) for
accessing, through network 106, a cloud-based platform (e.g.,
cloud-based collaboration and/or storage platform/service) (e.g.,
hosted by the host server 100). The collaboration environment or
platform can have one or more collective settings 125 for an
enterprise or an organization to which the users belong, and can
provide a user interface 104 for the users to access such platform
under the settings 125.
[0030] The cloud-based service (e.g., collaboration platform or
environment) hosts workspaces with work items that one or more
users can access (e.g., view, edit, update, revise, comment, add to
discussions, download, preview, tag, or otherwise manipulate,
etc.). A work item can generally include any type of digital or
electronic content that can be viewed or accessed via an electronic
device (e.g., device 102). The digital content can include .PDF
files, .doc, slides (e.g., PowerPoint slides), images, audio files,
multimedia content, web pages, blogs, etc. A workspace can
generally refer to any grouping of a set of digital content in the
collaboration platform. The grouping can be created, identified, or
specified by a user or through other means. This user may be a
creator user or administrative user, for example.
[0031] In general, a workspace can be associated with a set of
users or collaborators (e.g., collaborators 108) which have access
to the content included therein. The levels of access (e.g., based
on permissions or rules) of each user or collaborator to access the
content in a given workspace may be the same or may vary among the
users. Each user may have their own set of access rights to every
piece of content in the workspace, or each user may have different
access rights to different pieces of content. Access rights may be
specified by a user associated with a workspace and/or a user who
created/uploaded a particular piece of content to the workspace, or
any other designated user or collaborator.
[0032] In general, the collaboration platform allows multiple users
or collaborators to access or collaborate on efforts on work items
such that each user can see, remotely, edits, revisions, comments,
or annotations being made to specific work items through their own
user devices. For example, a user can upload a document to a
workspace for other users to access (e.g., for viewing, editing,
commenting, discussing, signing-off, or otherwise manipulating).
The user can login to the online platform and upload the document
(or any other type of work item) to an existing workspace or to a
new workspace. The document can be shared with existing users or
collaborators in a workspace. Each document, work item, file, and
folder can only be owned by a single user. However, the owner of
the document, work item, file, or folder can transfer ownership to
another collaborator.
[0033] The content databases 121-1 to 121-n store files and folders
uploaded to the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service) along with metadata
for the uploaded files and folders.
[0034] In some embodiments, client devices 102 communicate with the
host server 100 over network 106. In general, network 106, over
which the client devices 102 and the host server 100 communicate,
may be a cellular network, a telephonic network, an open network,
such as the Internet, or a private network, such as an intranet
and/or the extranet, or any combination thereof. For example, the
Internet can provide file transfer, remote log in, email, news,
RSS, cloud-based services, instant messaging, visual voicemail,
push mail, VoIP, and other services through any known or convenient
protocol, such as, but not limited to, the TCP/IP protocol, Open
System Interconnections (OSI), FTP, UPnP, iSCSI, NSF, ISDN, PDH,
RS-232, SDH, SONET, etc.
[0035] The network 106 can be any collection of distinct networks
operating wholly or partially in conjunction to provide
connectivity to the client devices 102 and the host server 100 and
may appear as one or more networks to the serviced systems and
devices. In some embodiments, communications to and from the client
devices 102 can be achieved by, an open network, such as the
Internet, or a private network, such as an intranet and/or the
extranet. In some embodiments, communications can be achieved by a
secure communications protocol, such as secure sockets layer (SSL),
or transport layer security (TLS).
[0036] In addition, communications can be achieved via one or more
networks, such as, but are not limited to, one or more of WiMax, a
Local Area Network (LAN), Wireless Local Area Network (WLAN), a
Personal area network (PAN), a Campus area network (CAN), a
Metropolitan area network (MAN), a Wide area network (WAN), a
Wireless wide area network (WWAN), enabled with technologies such
as, by way of example, Global System for Mobile Communications
(GSM), Personal Communications Service (PCS), Digital Advanced
Mobile Phone Service (D-Amps), Bluetooth, Wi-Fi, Fixed Wireless
Data, 2G, 2.5G, 3G, 4G, IMT-Advanced, pre-4G, 3G LTE, 3GPP LTE, LTE
Advanced, mobile WiMax, WiMax 2, WirelessMAN-Advanced networks,
enhanced data rates for GSM evolution (EDGE), General packet radio
service (GPRS), enhanced GPRS, iBurst, UMTS, HSPDA, HSUPA, HSPA,
UMTS-TDD, 1xRTT, EV-DO, messaging protocols such as, TCP/IP, SMS,
MMS, extensible messaging and presence protocol (XMPP), real time
messaging protocol (RTMP), instant messaging and presence protocol
(IMPP), instant messaging, USSD, IRC, or any other wireless data
networks or messaging protocols.
[0037] The automation engine 113 performs the automation processes
set up by the administrator via the content manager 111, and the
policy engine 115 executes the policies set up by the administrator
via the content manager 111. As shown in FIG. 1, the automation
engine 113 and the policy engine 115 are part of the host server
110. However, in some embodiments, one or both of the automation
engine 113 and the policy engine 115 can be external to the host
server 110. In some embodiments, the automation engine 113 and/or
the policy engine 115 are accessed via the network 106 by the host
server 110.
[0038] FIG. 2 depicts an example diagram of a web-based or
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service) deployed in an enterprise or other
organizational setting 250 for organizing workspaces 205, 225, 245
and work items 215, 235, 255, where the work items and workspaces
are hosted on content databases 1, 2, . . . n 121-1, 121-2, . . .
121-n.
[0039] The web-based platform for collaborating on projects or
jointly working on documents can be used by individual users and
shared among collaborators. In addition, the collaboration platform
can be deployed in an organized setting including but not limited
to, a company (e.g., an enterprise setting), a department in a
company, an academic institution, a department in an academic
institution, a class or course setting, or any other types of
organizations or organized setting.
[0040] When deployed in an organizational setting, multiple
workspaces (e.g., workspace A, B C) can be created to support
different projects or a variety of work flows. Each workspace can
have its own associated work items. For example, workspace A 205
may be associated with work items 215, workspace B 225 can be
associated with work items 235, and workspace N 245 can be
associated with work items 255. The work items 215, 235, and 255
may be unique to each workspace but need not be. For example, a
particular word document can be associated with only one workspace
(e.g., workspace A 205) or it may be associated with multiple
workspaces (e.g., workspace A 205 and workspace B 225, etc.).
[0041] In general, each workspace has a set of users or
collaborators associated with it. For example, workspace A 205 is
associated with multiple users or collaborators 206. In some
instances, workspaces deployed in an enterprise may be department
specific. For example, workspace B may be associated with
department 210 and some users shown as example user A 208, and
workspace N 245 can be associated with departments 212 and 216 and
users shown as example user B 214.
[0042] FIG. 3 depicts a block diagram illustrating an example of
components in the content manager 111 of the host server 100 of a
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service).
[0043] The host server 100 of the cloud-based platform (e.g.,
cloud-based collaboration and/or storage platform/service) can
generally be a cloud-based service. The content manager 111 of the
host server 100 can include, for example, a network interface 302,
a mobile setting module 320, a notification module 330, an email
domain module 340, a user interface module 350, an automation
module 355, a policy module 360, and/or an advanced tools database
370. Additional or fewer components/modules/engines can be included
in the host server 100, content manager 111, and each illustrated
component.
[0044] The network interface 302 can be a networking module that
enables the content manager 111 to mediate data in a network with
an entity that is external to the content manager 111, through any
known and/or convenient communications protocol supported by the
content manager 111 and the external entity. The network interface
302 can include one or more of a network adaptor card, a wireless
network interface card (e.g., SMS interface, WiFi interface,
interfaces for various generations of mobile communication
standards including but not limited to 1G, 2G, 3G, 3.5G, 4G, LTE,
etc.,), Bluetooth, a router, an access point, a wireless router, a
switch, a multilayer switch, a protocol converter, a gateway, a
bridge, bridge router, a hub, a digital media receiver, and/or a
repeater.
[0045] As used herein, a "module" or an "engine" includes a general
purpose, dedicated or shared processor and, typically, firmware or
software modules that are executed by the processor. Depending upon
implementation-specific or other considerations, the module or
engine can be centralized or its functionality distributed. The
module or engine can include general or special purpose hardware,
firmware, or software embodied in a computer-readable (storage)
medium for execution by the processor. As used herein, a
computer-readable medium or computer-readable storage medium is
intended to include all mediums that are statutory (e.g., in the
United States, under 35 U.S.C. 101), and to specifically exclude
all mediums that are non-statutory in nature to the extent that the
exclusion is necessary for a claim that includes the
computer-readable (storage) medium to be valid. Known statutory
computer-readable mediums include hardware (e.g., registers, random
access memory (RAM), non-volatile (NV) storage, to name a few), but
may or may not be limited to hardware.
[0046] Some embodiments of the content manager 111 include the user
interface module 350 which can display or cause to be displayed a
suitable user interface that presents appropriate information to
the administrator and allows the administrator to enter information
in response to provided prompts. The user interface module 350
works in conjunction with the mobile setting module 320, the
notification module 330, the email domain module 340, the
automation module 355, and the policy module 360. Each of these
modules provides the prompts to be displayed by the user interface
module 350 to the administrator, and, in some casese, provides a
menu of inputs for the administrator to respond with.
[0047] Some embodiments of the content manager 111 include the
mobile setting module 320 which can provide via the user interface
module 350 a mobile security setting user interface for an
administrator to set mobile security settings to be applied to
mobile device applications that permit a user to access data stored
within the enterprise account in the cloud-based service managed by
the administrator. The mobile setting module 320 also receives the
administrator's selected settings, and interacts with the mobile
device applications to enforce the selected mobile security
settings.
[0048] FIG. 4A depicts a screenshot showing an example of a user
interface, with information provided by the mobile setting module
320, for indicating whether files can be saved on mobile devices
accessing the enterprise's content in the cloud-based platform
(e.g., cloud-based collaboration and/or storage platform/service).
The administrator can either permit files from the cloud-based
platform to be saved on the mobile device or restrict or prevent
the mobile device from saving files from the cloud-based platform
on the mobile device. The administrator may choose the latter
setting to ensure that data stored in the cloud remains protected
even though users may access the data on a mobile device. In some
embodiments, the administrator can allow files to be saved on
mobile devices only when the device is encrypted, such as with
Android devices.
[0049] FIG. 4B depicts a screenshot showing an example of a user
interface, with information provided by the mobile setting module
320, for selecting the duration of inactivity of the mobile device
after which entry of an application passcode is required to access
the enterprise's content in the cloud-based platform (e.g.,
cloud-based collaboration and/or storage platform/service). The
administrator may select to not enforce this function.
Alternatively, the administrator may select a period of inactivity,
for example, one minute, two minutes, five minutes, 15 minutes, or
an hour. Requiring the user to enter a passcode after the selected
period of inactivity has elapsed helps reduce the likelihood that a
passer-by will be able to access enterprise data if the owner of
the mobile device steps away.
[0050] The mobile setting module 320 stores the administrator's
selections in the advanced controls database 370. As shown in FIG.
3, the advanced controls database 370 is part of the content
manager 111. However, in some embodiments, the advanced controls
database 370 can be external to the content manager 111. In some
embodiments, the advanced controls database 370 is accessed via the
network 106 by the content manager 111.
[0051] The mobile setting module 320 interacts with each mobile
device application every time a user logs in to the cloud-based
service via the mobile device. After a user has logged in with the
mobile device application, the mobile device application requests
from the mobile setting module 320 the stored mobile security
settings selected by the administrator. Upon receipt of the
request, the mobile setting module 320 sends the stored settings to
the mobile device application, and the application enforces the
settings. Thus, the administrator's settings are applied to all
mobile device applications on every mobile device attempting to
access data managed by the administrator in the enterprise account
in the cloud-based service.
[0052] Some embodiments of the content manager 111 include the
notification module 330 which can provide via the user interface
module 350 a compliance email archive user interface for enabling
compliance email archiving and selecting settings for the
archiving. Compliance email archiving is useful in certain
industries, such as finance and healthcare, as well as with
eDiscovery requirements. In these industries and with eDiscovery,
it is required to keep all documentation of communication. In some
embodiments of the cloud-based service, the cloud-based service
allows users to communicate or enter free text that would be seen
by or could be sent to another individual using the cloud-based
service, for example, features such as comments, discussions,
assigning tasks, and invitations. When compliance email archiving
is enabled, whenever a user of the cloud-based service sends a
communication, the notification module 330 will automatically email
a hidden copy of the selected communication activity to a specified
email address. The emails sent by the notification module 330 will
ultimately need to be captured and tracked with a separate tracking
and archiving system to support business compliance in regulated
industries and with eDiscovery requirements.
[0053] FIG. 5A depicts a screenshot showing an example of a user
interface, with information provided by the notification module
330, for selecting compliance email archive settings for an
enterprise account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service). The enterprise
administrator can disable compliance email archiving using this
user interface. Alternatively, the administrator can select
activities from preselected groups of activities to be archived,
such as comments, discussions, and tasks; or comments, discussions,
tasks, and invitations. In some embodiments, the administrator can
select each activity to be included for compliance email archiving
instead of choosing from preselected groups of activities.
[0054] FIG. 5B depicts a screenshot showing an example of a user
interface, with information provided by the notification module
330, for selecting an archiving destination for the compliance
emails. For example, the administrator can choose to have
compliance emails sent to the user performing the actions selected
above, or sent to a specific email address entered by the
administrator. In some embodiments, the user who took the action
and to whom the communication was sent is placed in the header of
the email, and the text of the communication and the context is
placed in the body of the email.
[0055] After the administrator has selected the preferences for
compliance emails for the enterprise, the notification module 330
stores the preferences in the advanced tools database 370 and
begins appropriately tracking and implementing compliance email
archiving.
[0056] Some embodiments of the content manager 111 include the
email domain module 340 which can provide via the user interface
module 350 an email domain support user interface for an
administrator to create a single, centralized managed account
across multiple email domains for all users. This is useful if a
business operates within different countries or has multiple
subsidiaries with users that have email addresses from different
domains. When multiple email domain support is combined with
enterprise-wide search, an administrator is provided the ability to
search files being stored and shared across the entire enterprise
or organization.
[0057] FIG. 6 depicts a screenshot showing an example of a user
interface, with information provided by the email domain module
340, for selecting email domain support settings for an enterprise
account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service). In the example of
FIG. 6, the administrator is provided three choices. The first
choice allows anyone with a link to data in the enterprise account
to access the data. No log in is required prior to accessing the
link. The second choice allows users at specified email domains to
access the link in addition to collaborators who have an email
address that is not within the specified email domains. The
administrator can be prompted to enter the email domains to be
permitted access to links to data in the enterprise account. The
third choice allows only collaborators in a folder to access the
link. External sharing is disabled. While only three choices are
provided in the example screenshot of FIG. 6, other choices can be
provided to the administrator regarding required permissions prior
to accessing a link.
[0058] Additionally, as shown in the example screenshot of FIG. 6,
the administrator can select permissions for link viewers. For
example, link viewers may be permitted to preview and download the
shared item, further share the item, or just preview the item.
Other permissions can also be selected by the administrator. Once
the administrator has selected preferences regarding email domain
support for the enterprise, the email domain module 340 stores the
information in the advanced tools database 370 and proceeds to
execute the administrator's selected choices.
[0059] Some embodiments of the content manager 111 include the
automation module 355 which can provide via the user interface
module 350 an automation user interface for adding a new automation
process or editing an existing automation process. The automation
process allows tasks within an enterprise account to be automated.
For example, if a file is placed into a certain folder, then an
approval process is initiated, and if a user approves something,
then the process continues. Thus, multiple workflows can be
concatenated with the automated process. In some embodiments, an
automation process can provide anti-virus and/or malware detection
on uploaded files to the enterprise account.
[0060] To define an automation process, the administrator selects a
condition, and an action to perform if the condition is satisfied.
Automation processes can have more than a single condition and
action. FIG. 7 depicts a screenshot showing an example of a user
interface, with information provided by the automation module 355,
for selecting automation settings for an enterprise account in the
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service). The administrator begins by naming the
automation process, as shown near the top of the example screenshot
in FIG. 7. Any previously defined automation processes are
presented in a list to the left of the user interface so that the
administrator can select one for reviewing and/or editing. The
automation process is defined by specifying a condition and
corresponding action to be performed if the condition is met. In
the example of FIG. 7, the condition is when a file is uploaded to
the cloud-based service to a particular folder, and the
corresponding action to be performed if this condition is met is to
assign an approval task to the user whose email address is entered
by the administrator. Other example of a condition includes when a
task is completed; when a file commented on; and when a folder is
shared. The administrator can choose to add additional
condition/action steps. The administrator also has the option to
cancel any automation process for the enterprise.
[0061] A condition can be set to be the occurrence of any type of
action identified by the administrator, for example, uploading,
downloading, or sharing a file. The action to be performed upon
meeting the condition can also be set to be any type of action.
[0062] Once the administrator has selected preferences regarding an
automation process for the enterprise, the automation module 355
stores the information in the advanced tools database 370, and the
automation engine 113 executes the stored automation process.
[0063] Some embodiments of the content manager 111 include the
policy module 360 which can provide via the user interface module
350 a policy user interface for adding a new policy or editing an
existing policy.
[0064] To define a policy, the administrator selects a policy type,
a condition, and an action to perform if the condition is
satisfied. FIG. 8 depicts a screenshot showing an example of a user
interface, with information provided by the policy module 350, for
selecting policy settings for downloading information from an
enterprise account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service). The administrator
begins by naming the policy, as shown near the top of the example
screenshot in FIG. 8. Any previously defined policies are presented
in a list to the left of the user interface so that the
administrator can select a policy for reviewing and/or editing. The
policy is defined by specifying a policy type, such as upload,
download, or sharing. Other policy types may also be specified. In
the example of FIG. 8, the policy type is download. The policy
module 360 then prompts the administrator with appropriate prompts
corresponding to the download policy.
[0065] The policy is further defined by specifying a condition and
corresponding action if the condition is met. In some embodiments,
the policy module 360 can provide the user with selections from a
menu corresponding to the selected policy type. For the condition
for the example in FIG. 8, the administrator is prompted to select
a number of downloaded files (e.g., 50-to 100 files or 500 to 1000
files) and a time period over (e.g., less than one hour or less
than 24 hours) corresponding which the files are downloaded.
Example actions to be performed if the selected condition is met
can be selected from only track for reporting or send a
notification to the email addresses provided by the administrator.
In some embodiments, other conditions and actions can be selected.
The administrator also has the option to cancel any policy for the
enterprise.
[0066] FIG. 9 depicts a screenshot showing an example of a user
interface, with information provided by the policy module 360, for
selecting policy settings for uploading information to an
enterprise account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service) and selecting
details of a policy to be applied to an enterprise account in the
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service). In the example of FIG. 9, the policy
type is upload. The policy module 360 then prompts the
administrator with appropriate prompts for the upload policy. For
the condition for the example of FIG. 9, the administrator is
prompted to select an uploaded document contains a social security
number, a credit card number, or custom words or numbers. Example
actions to be performed if the selected condition is met can be
chosen from move the file to quarantine, only track for reporting,
and/or send a notification to the email addresses provided by the
administrator.
[0067] FIG. 10A depicts a screenshot showing an example of a user
interface, with information provided by the policy module 360, for
selecting policy settings for sharing information in an enterprise
account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service). In the example of
FIG. 10A, the policy type is sharing. The policy module 360 then
prompts the administrator with appropriate prompts for the sharing
policy. For the condition for the example of FIG. 10A, the
administrator is prompted to select when a user shares content with
anyone on the domains provided by the administrator. Example
actions to be performed if the defined condition is satisfied can
be selected from move the file to quarantine, only track for
reporting, and/or send a notification to the email addresses
provided by the administrator.
[0068] Once the administrator has selected preferences regarding a
policy for the enterprise, the policy module 360 stores the
information in the advanced tools database 370, and the policy
engine 115 executes the stored policy.
[0069] After the administrator has defined a policy and elected to
start the policy, the administrator can select the policy from the
list of defined policies as shown on the left side of FIG. 10B, and
statistics pertaining to the policy will be shown. FIG. 10B depicts
a screenshot showing an example of a user interface providing
statistics about a previously defined policy, Social Security
Numbers, as defined in FIG. 9, in an enterprise account in the
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service). The example of FIG. 10B shows the policy
start date, the number of documents processed on upload (because
the policy type is upload), and the number of documents effected by
the policy (i.e., moved to quarantine). From the user interface,
administrator can choose to edit the policy, delete the policy, and
view quarantined files.
[0070] FIG. 11 depicts a flow chart illustrating an example process
for selecting security settings for mobile devices accessing the
enterprise's content in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0071] At block 1105, the content manager provides a setting
selection for the administrator for whether files are permitted to
be saved on mobile devices accessing enterprise account data in the
cloud-based platform, and receives a setting selection from the
administrator.
[0072] Then at block 1110, the content manager provides a setting
selection for the administrator for the duration of inactivity on
the mobile device after which entry of an application passcode is
required, that is, the elapsed time of inactivity on the mobile
device after which the user of the mobile device is required to
enter a passcode. The content manager receives a response from the
administrator.
[0073] And at block 1115, the content manager stores the responses
from the administrator received at block 1105 and 1110.
[0074] FIG. 12 depicts a flow chart illustrating an example
communications process between an application running on a mobile
device that permits the user to access data stored in the
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service) and the content manager for the
cloud-based platform for setting security settings on the mobile
device.
[0075] The actions of the mobile device application 1205 on the
left and the content manager 111 on the right are shown relative to
each other as a function of time, with time increasing in the
downward direction in FIG. 12. Transmissions between the mobile
device application 1205 and the content manager 111 are shown by
the arrows crossing the center of FIG. 12.
[0076] The mobile device application 1205 receives a user login to
the mobile device application at block 1210. Then at transmission
1215, the mobile device application 1205 transmits a request for
mobile security settings to the content manager 111. The content
manager 111 receives the request at block 1220, and transmits the
stored mobile security settings to the mobile device application
1205 at transmission 1225.
[0077] Then at block 1230, the mobile device application 1205
receives the mobile security settings. Next, at block 1235, the
mobile device application 1205 stores the mobile security settings
locally, and at block 1240, the mobile device application 1205
enforces the mobile security settings.
[0078] FIG. 13 depicts a flow chart illustrating an example process
for selecting compliance email archive settings for an enterprise
account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0079] At block 1305, the content manager receives an indication
from the administrator to edit compliance email archive settings.
Then at block 1310, the content manager provides a menu of
activities for the administrator to select from for archiving. For
example, the activities for archiving can be selected from no
archiving; archive comments, discussions, and tasks; and archive
comments, discussions, tasks, and invitations. Other options can
also be offered to the administrator. The content manager receives
a selection from the administrator.
[0080] Then at block 1315, the content manager provides a selection
of archive locations to which the archived activities are to be
emailed. For example, the user performing the action can be
emailed, or a specific email address provided by the administrator
can be used.
[0081] At block 1320, the content manager stores the response, and
at block 1325, the content manager begins archiving activity based
upon the stored response.
[0082] FIG. 14 depicts a flow chart illustrating an example process
for selecting email domain support settings for an enterprise
account in the cloud-based platform (e.g., cloud-based
collaboration and/or storage platform/service).
[0083] At block 1405, the content manager receives an indication
from the administrator to edit email domain support settings. Then
at block 1410, the content manager provides options for new links
to default to. For example, the options can include anyone with the
link can be permitted to access it and no log in is required; users
at specified email domains with the link can access it as well as
collaborators at non-specified email domains; and only invited
collaborators in the folder can access the link, and external
sharing of data is disabled. Other options can also be offered to
the administrator. The content manager receives a selection from
the administrator.
[0084] At block 1415, the content manager stores the received
response, and at block 1420, the content manager implements the
link management according to the received response.
[0085] FIG. 15 depicts a flow chart illustrating an example process
for selecting automation settings for an enterprise account in the
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service).
[0086] At block 1505, upon request by an administrator of an
enterprise account, the content manager provides a selection of
automation processes that can be selected for editing or the option
to define a new automation process and receives a response from the
administrator.
[0087] Then at block 1510, the content manager provides appropriate
selections for the selected automation process to set up a
condition for the automation. For example, the condition can be
when a file is uploaded to the cloud-based service to a particular
folder. The content manager receives the selection.
[0088] Next, at block 1515, the content manager provides
appropriate selections for the selected automation process to set
up an action if the condition is met. For example, assigning an
approval task to a particular user. The content manager receives
the selection.
[0089] At decision block 1525, the content manager determines
whether the administrator wants to add another step to the
automation process. If another step is to be added (block
1525--Yes), the process returns to block 1510.
[0090] If there are no more steps to be added to the automation
process (block 1525--No), at block 1527, the content manager stores
the automation information.
[0091] At block 1530, the content manager receives an indication to
initiate the automation process, and at block 1535, the content
manager sends the automation process information to the automation
engine for performing the automation.
[0092] FIG. 16 depicts a flow chart illustrating an example process
for selecting policy settings for an enterprise account in the
cloud-based platform (e.g., cloud-based collaboration and/or
storage platform/service).
[0093] At block 1605, upon request by an administrator of an
enterprise account, the content manager provides a selection of
policies that can be selected for customization or the option to
select a new policy to be entered and receives a response from the
administrator.
[0094] Then at block 1610, the content manager provides appropriate
selections for selecting a policy type, for example, policies that
apply to uploaded data to, downloaded data from, and shared date
within the cloud-based service. The content manager receives a
response on the policy type.
[0095] Next, at block 1615, the content manager provides
appropriate selections for the selected policy type to set up a
condition for the policy. For example, if the selected policy type
is downloading data, the condition can be when a user downloads a
given number of files within a certain time period, where the
administrator selects the number of files and the time period for
the policy condition. The content manager receives a selection.
[0096] At block 1620, the content manager provides appropriate
selections for the selected policy type to set up an action if the
condition is met. For example, sending a notification by email to a
specified user. The content manager receives a selection.
[0097] At block 1622, the content manager stores the policy
information. Then at block 1625, the content manager receives an
indication to initiate implementing the policy, and at block 1630,
the content manager sends the policy information to the policy
engine for performing the automation.
[0098] FIG. 17 shows a diagrammatic representation of a machine in
the example form of a computer system within which a set of
instructions, for causing the machine to perform any one or more of
the methodologies discussed herein, may be executed.
[0099] In alternative embodiments, the machine operates as a
standalone device or may be connected (e.g., networked) to other
machines. In a networked deployment, the machine may operate in the
capacity of a server or a client machine in a client-server network
environment, or as a peer machine in a peer-to-peer (or
distributed) network environment.
[0100] The machine may be a server computer, a client computer, a
personal computer (PC), a user device, a tablet PC, a laptop
computer, a set-top box (STB), a personal digital assistant (PDA),
a cellular telephone, an iPhone, an iPad, a Blackberry, a
processor, a telephone, a web appliance, a network router, switch
or bridge, a console, a hand-held console, a (hand-held) gaming
device, a music player, any portable, mobile, hand-held device, or
any machine capable of executing a set of instructions (sequential
or otherwise) that specify actions to be taken by that machine.
[0101] While the machine-readable medium or machine-readable
storage medium is shown in an exemplary embodiment to be a single
medium, the term "machine-readable medium" and "machine-readable
storage medium" should be taken to include a single medium or
multiple media (e.g., a centralized or distributed database and/or
associated caches and servers) that store the one or more sets of
instructions. The term "machine-readable medium" and
"machine-readable storage medium" shall also be taken to include
any medium that is capable of storing, encoding or carrying a set
of instructions for execution by the machine and that cause the
machine to perform any one or more of the methodologies of the
presently disclosed technique and innovation.
[0102] In general, the routines executed to implement the
embodiments of the disclosure may be implemented as part of an
operating system or a specific application, component, program,
object, module or sequence of instructions referred to as "computer
programs." The computer programs typically comprise one or more
instructions set at various times in various memory and storage
devices in a computer that, when read and executed by one or more
processing units or processors in a computer, cause the computer to
perform operations to execute elements involving the various
aspects of the disclosure.
[0103] Moreover, while embodiments have been described in the
context of fully functioning computers and computer systems, those
skilled in the art will appreciate that the various embodiments are
capable of being distributed as a program product in a variety of
forms, and that the disclosure applies equally regardless of the
particular type of machine or computer-readable media used to
actually effect the distribution.
[0104] Further examples of machine-readable storage media,
machine-readable media, or computer-readable (storage) media
include but are not limited to recordable type media such as
volatile and non-volatile memory devices, floppy and other
removable disks, hard disk drives, optical disks (e.g., Compact
Disk Read-Only Memory (CD ROMS), Digital Versatile Disks, (DVDs),
etc.), among others, and transmission type media such as digital
and analog communication links.
[0105] Unless the context clearly requires otherwise, throughout
the description and the claims, the words "comprise," "comprising,"
and the like are to be construed in an inclusive sense, as opposed
to an exclusive or exhaustive sense; that is to say, in the sense
of "including, but not limited to." As used herein, the terms
"connected," "coupled," or any variant thereof, means any
connection or coupling, either direct or indirect, between two or
more elements; the coupling of connection between the elements can
be physical, logical, or a combination thereof. Additionally, the
words "herein," "above," "below," and words of similar import, when
used in this application, shall refer to this application as a
whole and not to any particular portions of this application. Where
the context permits, words in the above Detailed Description using
the singular or plural number may also include the plural or
singular number respectively. The word "or," in reference to a list
of two or more items, covers all of the following interpretations
of the word: any of the items in the list, all of the items in the
list, and any combination of the items in the list.
[0106] The above detailed description of embodiments of the
disclosure is not intended to be exhaustive or to limit the
teachings to the precise form disclosed above. While specific
embodiments of, and examples for, the disclosure are described
above for illustrative purposes, various equivalent modifications
are possible within the scope of the disclosure, as those skilled
in the relevant art will recognize. For example, while processes or
blocks are presented in a given order, alternative embodiments may
perform routines having steps, or employ systems having blocks, in
a different order, and some processes or blocks may be deleted,
moved, added, subdivided, combined, and/or modified to provide
alternative or sub-combinations. Each of these processes or blocks
may be implemented in a variety of different ways. Also, while
processes or blocks are at times shown as being performed in
series, these processes or blocks may instead be performed in
parallel, or may be performed at different times. Further any
specific numbers noted herein are only examples: alternative
implementations may employ differing values or ranges.
[0107] The teachings of the disclosure provided herein can be
applied to other systems, not necessarily the system described
above. The elements and acts of the various embodiments described
above can be combined to provide further embodiments.
[0108] Any patents and applications and other references noted
above, including any that may be listed in accompanying filing
papers, are incorporated herein by reference. Aspects of the
disclosure can be modified, if necessary, to employ the systems,
functions, and concepts of the various references described above
to provide yet further embodiments of the disclosure.
[0109] These and other changes can be made to the disclosure in
light of the above Detailed Description. While the above
description describes certain embodiments of the disclosure, and
describes the best mode contemplated, no matter how detailed the
above appears in text, the teachings can be practiced in many ways.
Details of the system may vary considerably in its implementation
details, while still being encompassed by the subject matter
disclosed herein. As noted above, particular terminology used when
describing certain features or aspects of the disclosure should not
be taken to imply that the terminology is being redefined herein to
be restricted to any specific characteristics, features, or aspects
of the disclosure with which that terminology is associated. In
general, the terms used in the following claims should not be
construed to limit the disclosure to the specific embodiments
disclosed in the specification, unless the above Detailed
Description section explicitly defines such terms. Accordingly, the
actual scope of the disclosure encompasses not only the disclosed
embodiments, but also all equivalent ways of practicing or
implementing the disclosure under the claims.
[0110] While certain aspects of the disclosure are presented below
in certain claim forms, the inventors contemplate the various
aspects of the disclosure in any number of claim forms. For
example, while only one aspect of the disclosure is recited as a
means-plus-function claim under 35 U.S.C. .sctn.112, 6, other
aspects may likewise be embodied as a means-plus-function claim, or
in other forms, such as being embodied in a computer-readable
medium. (Any claims intended to be treated under 35 U.S.C.
.sctn.112, 6 will begin with the words "means for.") Accordingly,
the applicant reserves the right to add additional claims after
filing the application to pursue such additional claim forms for
other aspects of the disclosure.
* * * * *